TW556160B - Revocation information updating method, revocation information updating apparatus and storage medium - Google Patents

Abstract

A storage medium (PM) 13 includes a controller 130 and two types of storage regions, the concealed region 134 and the open region 131. The open region 131 includes an open RW 133 storing a digital content, an open ROM-W region 132a storing, as revocation information, identification information of an electronic appliance that is prohibited from accessing the digital content, and an open ROM region 132 storing, as master revocation information, identification information of an electronic appliance that is prohibited from updating the revocation information. When the storage medium is loaded into an electronic appliance that has identification information which is registered in the open ROM region 132, the controller 130 prohibits the electronic appliance from updating the revocation information.

Description

556160 A7 B7 V. Description of the Invention (1) <Background of the Invention> 1. Field of the Invention The invention relates to a method for storing digital content such as programs, digitized text, audio, and video. Storage media, and a method of updating invalid data that prevents unauthorized electronic devices from recording or reproducing digital content. 2. Description of the Related Art In recent years, advances in digital and microprocessors have made electronic devices develop in a variety of directions. One example is a personal computer with a multimedia device, a frequency converter, a reproduction device, and a game console. In addition to self-recording media to reproduce image data, audio data, and other digital content, electronic devices can also download digital content from the Internet. Digital content is mostly copyrighted material that is digitally encoded using MPEG2 (Dynamic Compression Standard 2) or MPEG3 (Dynamic Compression Standard-Audio Layer 3) technology. This data can be copied and transmitted over the network without compromising its quality. This means that there is an urgent need to develop technologies to prevent inappropriate actions such as copyright infringement on digital content. Most current electronic devices, such as personal computers, frequency converters, and reproduction devices, use "reversible" recording media. The reversible recording medium here refers to the recording media of non-dependent participants. Such media operate according to public specifications. This allows users to arbitrarily transfer or copy digital content to other media. There is no effective way to protect digital content that has been recorded on the recording media. Memory cards that integrate recording media and controllers have recently appeared on the market. This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) (Please read the precautions on the back before filling this page). Order --- ------. Printed by A7, Consumer Cooperatives, Intellectual Property Bureau, Ministry of Economic Affairs

5. Description of the invention () 2 above. This card is equipped with a protected area (hereinafter referred to as the hidden area) that can only be accessed by using the controller's access control function through a special program, otherwise the user cannot enter or exit. It is believed that using hidden areas to store important data, such as copy control data and transmission control data, will protect digital content more securely. A method for protecting the copyright of digital content will be described below. When digital content is transmitted between any of the electronic devices and a recording medium, both devices will first perform mutual authentication. This means that each device checks each other to see if it is a device equipped with the same copyright protection mechanism (that is, the inner valley protection function that is prerequisite). When the authenticity of the two-party device is determined, they exchange key codes based on the key code generation algorithm prepared by both parties. Both devices thus obtain an authentication key code and use this authentication key code to individually encrypt and decrypt any content key (different from the minimum code used to encrypt digital content), or to encrypt and decrypt the digital content itself. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs The above technologies have the following problems. Content protection mechanisms in electronic devices (such as data or programs used for mutual authentication) must be set up before the electronic devices are known from the factory. After the consumer purchases, the electronic device (or, more specifically, the program that operates the electronic device) may be intervened, making the content protection mechanism ineffective. Mutual authentication alone cannot detect or stop the improved electronic device, so digital content may still be used inappropriately. It may be possible to provide better protection of digital content by pre-recording invalid material in a special area on the recording medium. Invalid data will indicate invalidity Electronic devices should be barred from accessing content stored on recording media. The lost paper size is in accordance with Chinese National Standard (CNS) A4 specification (21〇X 297 public love) 556160 A7 B7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention () 3 Forms to identify data forms. When the recording medium is loaded into an electronic device registered with invalid data, the electronic device is prohibited from entering the recording medium. In other words, by invalidating the right of the electronic device to enter the recording medium, the content on the recording medium is protected. A disadvantage of this method is that it still has to set the failure data in an irreversible area before the electronic device is shipped from the factory. This means that once playing with the electronic device (or the program of the electronic device) will lead to the emergence of a new type of invalid electronic device after the recording medium is manufactured, the electronic device cannot be added to the invalidation data on the recording medium. Illegal access to such electronic devices cannot be prevented. <Summary of the Invention> In view of the above-mentioned problems, the purpose of the present invention is to provide a storage medium for expired data. Even if an unauthorized electronic device appears after the storage medium has been manufactured, an unauthorized Authorize electronic devices to access digital content. The object of the present invention also provides a device and method for updating invalid data suitable for a storage medium. The above object is achieved by a storage medium that has been installed in an electronic device. The storage medium includes: a content storage area for storing digital content; and an invalid data storage for storing data corresponding to identification data of the electronic device. Area, the identification data prevents access to the digital content stored in the content storage area; a master invalidation data storage area for storing data corresponding to the identification data of an electronic device, the identification data is prevented from being updated and stored in the failure, please read first Note U on the back I Item Iΐ The size of the paper used in the revised edition is in accordance with Chinese National Standard (CNS) A4 (210 X 297 mm) 556160 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (Invalidation in the shell material storage area) Data. The structure of icJL »1 should not be renewable. The data corresponding to the identification data that has not been placed in J2 ^ I must be registered in the storage medium failure storage area beforehand. By referring to this data, the storage medium Month b knows that the electronic device that is trying to enter the invalidation information is an authorized electronic device or an unauthorized electronic device The invalid data is stored in a secure and reversible storage area. Even if unauthorized electronic devices appear after the storage medium has been manufactured, the data corresponding to the identification data of 5 authorized electronic devices can be registered in another Dead material storage area. In this way, unauthorized electronic devices can be prevented from accessing digital products stored in the storage medium. Here, the storage medium may further include: an internal and a vinegar for performing the first judgment The software judges whether an electronic device that has installed storage media has unique data corresponding to the invalid data stored in the remaining area of the invalid data. If the result of the first judgment is negative, the content protection component allows the electronic device to enter the storage age: # 料 区 赖 _ 容; — A failed data update component for performing the first judgment, which determines whether a sub-device of the installed storage medium has a corresponding master failure material remaining in the remaining area of the master failure data_data 'when The second judgment result is negative, and the updating component allows the electronic device to update the failure data stored in the failure data error data area. According to the above structure Only when you have an electronic device that does not correspond to the main area: other data, you can update the invalid data. This means that you can prevent unauthorized electricity, tilt, etc. ^ Please read the device's charge when you play with it. Note on the back. item

If I order the paper standard national standard (CNS) AT specifications (21 × 297 issued) V. Description of the invention () 5 In this' main invalid data error storage area can be placed in ROM (read-only memory) ), In which the master failure data has been stored in advance. It can protect the storage media from being attacked by the master's invalid data after the storage media is manufactured. Here, the storage medium may further include a mutually distinguishing component for performing mutual authentication by using an electronic device having the storage medium installed before performing the second judgment of the failed data update component, and when the mutual authentication succeeds, the The mutual authentication component also manufactures at least a private key that can be shared with the electronic device, wherein the invalidation data update component uses the private key manufactured with the mutual authentication component to update the invalidation data at least. According to the above structure, the definitive authentication data on which device has the right to update the invalidation data is safely transferred between the storage medium and the electronic device. This increases the safety of protecting stale data. Here, only when the second judgment result is negative, the revocation data updating unit can transmit a private key code that the electronic device must update the revocation data to the electronic device. Therefore, the result of judging whether an electronic device has the authority to update the invalidation information is confidential. This can prevent a third party from trying to intercept communication between the storage medium and an electronic device. . In k, the invalidation data can be classified into several groups, and the invalidation data storage area can include multiple storage areas, and each group is stored in a different storage area, and the invalidation data update component can determine the following as the first Two judgments: () Whether the electronic device installed with the wrong storage medium has identification data that does not correspond to the main failure data stored in the wrong storage area of the main failure material; and talk about 556160 A7 B7 V. Description of the invention () 6 Electronic device Whether it has identification data in a specific group that does not correspond to the invalidation data that the electronic device wishes to update. Only when both (1) and (2) are affirmative, the second judgment is negative, and the failure data updating component allows the electronic device to update the failure data in a specific group only. Therefore, even when an unauthorized third party wants to play with the invalidated data, the damage can be controlled in a group of the invalidated data. Other groups of stale data are not affected. The aforementioned object of the present invention can also be achieved by a method of updating invalid data on a storage medium. The method includes: a detection step for detecting whether a storage medium is installed in an electronic device; and a method for performing a first determination whether the first identification of the electronic device does not correspond to the main invalid data storage area stored in the storage medium. The judgment step of the main failure data; and an update step for updating the failure data stored in the failure data storage area only when the result of the first judgment is affirmative. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs The aforementioned invention object can also be achieved by an invalidated data updating device for updating invalidated data on a storage medium. The device includes: a first authentication data storage component for storing first authentication data, the first authentication data does not correspond to a main restricted area of a main invalid data storage area stored in a storage medium; A permission obtaining part of the first authentication data stored in the first authentication data storage method, obtaining a permission to update the stale data stored on the storage medium from the storage medium; and obtaining a permission according to the self-permission obtaining part to update the storage stored in the storage Update parts for invalid materials on the media. This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 556160 A7 B7 V. Description of the invention () 7 <Brief Description of the Drawings> The above and other objects and advantages of the present invention And the characteristics will be more apparent in the following description, the accompanying drawings and specific examples. Figure 1 shows the complete structure of a copyright protection system in an embodiment of the present invention; Figure 2 is a block diagram of the structure of a content distribution system (CDS); Figure 3 is a block diagram of the structure of a recording medium (PM) Figure 4 shows the recording content and composition of an open rqM area in a PM; Figure 5 shows the logical storage area of a CDS; Figure 6 is a block diagram of the structure of a recording / playback device (portable device pD); Figure 7 shows the logical storage area of PD; Figure 8 is a block diagram of the structure of a content usage management system (License Compliance Module LCM); Figure 9 shows the logical storage area of LCM · Figure 10 shows that it is not between CDS, The first part of the exchange between PM and the processing flow; Figure 11 shows the print between the CDS, Piu Gazhan ^ and the processing flow, and the consumer property cooperative printed by the Intellectual Property Bureau of the Ministry of Economic Affairs; and Figure 12 shows the CDS , PM and the office process came. &lt; Description of a preferred embodiment DescripUn 〇f as is known &gt; Embodiments of the present invention will be described in detail below with reference to the drawings. -10- This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297-556160 A7 B7) 5. Description of the invention () 8 Figure 1 shows the structure of the copyright protection system 100 according to this embodiment. Copyright protection system 100 Protect the copyright of digital materials, which are distributed electronically or used via recording media. As shown in Figure 1, the copyright protection system 100 includes: a digital distribution of music content via the Internet in the form of a vending machine. Content distribution system 1 (CDS), a recording medium 13 for storing music content (hereinafter referred to as portable media PM13), and a portable recording / playback device for recording music content to and from PM13 12 (hereinafter referred to as portable device PD), and a content use control system 21 (hereinafter referred to as the License Compliance Module LCM) that manages recording, playback, and transmission of music content. CD1, PM13, and PD12 are equipped with one of the above-mentioned updateable failure data Function or structure, even after CD1, PM13, and PD12 have been manufactured, the existence of unauthorized electrical appliances is discovered, which can prevent unauthorized electronic devices from Enter digital products appropriately. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. Figure 2 is a block diagram showing the structure of CD1. Architecture 40 presents an electronic music distributor (EMD), such as a music server or broadcast station. Architecture 41 presents a Failed Data Licensed Entity (RLE). When an unauthorized electronic device is just discovered, RLE41 issues new failed data for this electronic device including authentication data. CDS1 can be accessed by a professional terminal (such as a power distribution kiosk terminal) And can be found in a recording store. This CDS1 is connected to EMD40 and RLE41 via a transmission path, and contains a secure music server 2 (SMS2), an EMD-I / F (interface) component 3, a PD One I / F component 5. One media _I / F Department-11- This paper size is applicable to China National Standard (CNS) A4 (210 X 297 mm) 556160 Printed by the Intellectual Property Bureau Staff Consumer Cooperatives of the Ministry of Economic Affairs Α7 Β7 V. Description of the invention (9) 6, a hidden area drive 7, a registration storage part 8, a license storage part 9, a music data storage part iG, a __failure data receiving part 14, a user I / F File 15 and an invalid data storage component 16. The functions of CDS1 are as follows: Functions Recording (Purchasing) Function CDS1 records the content desired by the user on PM13 and loads it into cdsi. This is the same as the content purchased by the user. Corresponding. ⑺ Rev.cation inf〇rmation Updating Function CDSI updates the invalid data on PM13 and puts CDSlt) j. This failure information indicates which electronic device should be cancelled. The EMD-I / F unit 3 is a communication adapter that connects the CDS i with several EMD40s. The PD-I / F unit 5 is a universal serial bus (UBS) connected to the CU. Media 1 / F unit 6 is a PCMCIA (A Computer Memory Card International Association) card expansion slot loaded with pM13 to CDS1. The failure information receiving unit 14 is a communication adapter, which receives failure data to be registered. The user I / F unit 15 includes a liquid crystal display (LCD), a switch, a button key recording code, and the like. The music data storage unit 10 is a flash memory that stores encrypted music content. The registered health storage unit 8 is a memory that stores health storage attribute data of music content in the music data storage unit 10. The special storage unit 9 is a memory storing a key code or other data, which is used to decrypt the encrypted music valley stored in the music data storage unit 10. Failed shell material storage part 16 is-memory, which temporarily loses storage -12- ^ Paper size applies Chinese National Standard (CNS) A4 297 male ---

A7 B7 556160 V. Description of the invention () 10 effective data, such as failure data received from RLE41. The hidden area driver 7 is a control circuit that uses a hidden program that is not open to enter the protected storage area in the registration storage unit 8 (described in detail below). SMS2 is a central processing unit (CPU) that executes processing and controls other components to achieve the two functions described above. The CDS1 component functions and SMS2 control functions provided by the above (1) and (2) will be separately described in detail below. ⑴Function Recording (Purchasing) Function In CDS1, the authentication information of each recording medium (PMII) is used to encrypt and decrypt the content to protect the content from unauthorized use. CDS1 contains three receiving parts # 1 ~ # 3, which correspond to EMD40 # 1 ~ # 3. The encrypted content (ie, the inner valley of music) and special data (usage conditions, encrypted content, and decryption key code, etc.) distributed by the three EMDs are received by the corresponding receiving parts # 1 ~ # 3. Using different encryption methods and different audio coding methods can produce encrypted content distributed by EMD40. Each receiving part # 1 to # 3 also has a function of playing back received audio and a function of charging the user. This charging function enables users to purchase the desired content. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs, SMS2 receives the encrypted content purchased by the user through EMD_I / F component 3. When necessary, EMD_I / F component 3 decrypts the encrypted content. The encrypted content is encrypted by different EMDs with audio encoding and encryption methods. EMD-I / F component 3 also uses an audio encoding format and an encrypted format for transmission (re-encryption). ) Content, which was used by CDS1. When receiving an encrypted content, SMS2 stores the encryption in the music data storage unit 10 -13- This paper size is in accordance with the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 556160 A7 B7 V. Description of the invention (11) Content, and at the same time store a key code (encrypted content decryption key code) for decrypting the encrypted content in the license storage unit 9. SMS2 can be equipped with a playback function to allow users to listen to a music content that has been dispersed. In such cases, the music content managed by SMS2 may be remanufactured on CDS1. SMS2 is equipped with a function that outputs the encrypted content (music content) stored in the music data storage part 10 to the PM13 through the media-i / f part 6, such as a memory card, which is loaded into the media_I / F parts 6. By setting up PM13 in PD12, users can record encrypted content (music content) decrypted and played back by PD12 onto PM13. SMS12 can record content on PM13 directly through Media_I / F component 6 or indirectly through PD12. Users can also set PM13 in LCM21. LCM13 decrypts and plays back the encrypted (music) content recorded on PM13. Alternatively, users can transfer encrypted (music) content from PM13 to LCM21 for later storage on LCM21. (2) Revocation Information Updating Function This information is printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs to identify electronic devices (such as PD and LCM), and the electronic devices (such as PD and LCM) should be cancelled using PM13. Qualification to protect content on PM13. Here, “PM13” is used to indicate the content recorded on PM13 or read or playback content recorded on PM13. This failure data has been recorded on PM13 in advance during the manufacturing process. An electronic device performs the failure data update function This electronic device has special -14- This paper size is applicable to Chinese National Standard (CNS) A4 specifications (210 X 297 Public Love 1 &quot; 556160 Employees' Cooperatives of Intellectual Property Bureau of the Ministry of Economy printed A7 B7 V. Description of invention () 12 Special permission (such as CD1 in this example). When necessary, this function uses new failure information to update the failure information that has been recorded in the painting during the manufacturing process. This failure information is necessary to find new unauthorized electronic devices and must When it is invalid, it needs to be updated. ⑽ Equipped with invalidation information „File 14, which can receive new invalidation information from RLE41. Encrypting the new invalidation information from Ka41 to CD1 'can avoid playing between the two devices. For example, it can be encrypted by using the encryption key code shared in advance by RLE41 and CD1. SM2 receives the encrypted new failure issued by the company through the failure data receiving unit 14 The SM2 decrypts the encrypted new invalidation data and stores the new invalidation data in the invalidation data storage unit 16. When a swell, such as a -memory card, is loaded into the media-I / F unit 6 (that is, the media "When component 6 detects that PM13 has been inserted), the function prepared by Satoshi 2 outputs the failure data in failure data storage component 16 to PM13 through media-I / F component 6. The SMS2 can directly pass through media-I / F component 6 or indirectly through the financial records Record new invalidation data on PM13. Various different invalidation data will be described below. It should be noted that the recording medium (this is PM13) is not limited to storing digital music and can also be used for other purposes As a recording of an application system, the so-called, e-books, etc. In this way, the invalidation data is issued for each application system. Therefore, the electronic device can be cancelled for each application system separately, only those with special permission The electronic device can be permitted to update the update failure information corresponding to the application system for a specific application system. In this example, CD1 can only be an electronic device that is responsible for digital music (such as PD and LC) M) Update the invalidation information.

556160 A7

V. Description of the invention (13) With this configuration, even if a user plays with the CD1 invalid data update function, it will not affect other application systems, because the user will still be unable to update the invalid data in other application systems. At the same time, it is necessary to cancel an electronic device with a special license (such as CD1). The electronic device has a special license and can use the special failure data (hereinafter referred to as the master failure data) registered on the PM13 to update the failure data. In other words, the master failure information that shows that the special electronic device has special permission to update the failure information can also be directed into the copyright protection system as a blacklist of unauthorized electronic devices, and the failure information can be changed in addition. For example, suppose the invalidation data update function of a particular CDS1 is changed to allow unauthorized use. Data identifying such CDS1 can be added to the master failure data to prevent the modified CDS1 from entering the failure data. This may prevent unauthorized persons from playing with the invalidated data. In this example, it should be noted that it is assumed that the master failure data is updated using a method different from that disclosed in the present invention. Use a separately issued recording medium with new master failure data to update the master failure data, and use the recording medium to replace the old recording medium with old master failure data. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. Figure 2 is a block diagram showing the structure of PD12. This is a device that can record and play back. Figure 3 is a functional block diagram showing the structure of PM13. As can be seen from this figure, the PM13 includes a controller 130 and a recording medium portion composed of an open area 131 and an implicit area 134. The hidden area 134 is a logical storage area, and the logical storage area can only be accessed by the controller 130 using a private program. The hidden area 134 -16-

556160 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of Invention (14) It is used to store the data needed for decryption. As shown in FIG. 3, the hidden area 134 is composed of an implicit ROM area 135 storing a secret constant (such as a unique master media key code KM_M described below) and an implicit reversible write RW storing a private variable. The area 136 is composed of an authorized decryption key code, an encrypted content decryption key code, and a unique media key code KM-1 provided by a licensee as will be described below. This encrypted content decryption key code (hereinafter referred to as the encrypted content key code) is generated by using the encrypted content key code KC, which uses the unique media key code KM-1 unique to the PM13 to decrypt the content C. The unique master media key code KM-M and the unique media key code KM-1 must be set to different values for each PM13, so that it is possible to use different authentication information for each PM13, such as a serial number or a Product number (product number or production lottery number for each PM13). However, KM-M and KM-1 can be manufactured separately from the unique identification information of PM13 and the license decryption key code. For example, the implicit ROM area 135 may be physically located in ROM (that is, read-only non-dependent memory), and the implicit RW area 136 may be provided in a flash memory (that is, reverse-write non-dependent memory) Sexual memory). The open area 131 is separate from the hidden area and can only be accessed by traditional programs. The open area 131 includes a read-only open area 132 (hereinafter referred to as an open ROM area) and a reversible write open area 133 (hereinafter referred to as an open RM area). As shown in Fig. 4, it is assumed that the open ROM area 132 also contains an area that can be written only by a private program (hereinafter referred to as the open ROM-W area 132a). Figure 4 shows the open ROM area 132 in PM13 and its stored contents. -17- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) ----- j ---- Order-- ------- Line '(Please read the precautions on the back before writing this page) and then fill in the husband 556160 A7 B7 V. Description of the invention () 15 composition. For example, 'the open ROM area 132 can be physically placed in ROM, for example, the open RW area 133 and the open ROM-W area 132a can be physically placed in a flash memory. The open ROM area 132, the open RW area 133, and the open ROM-W area 132a can be separately provided in the same ROM as the implicit ROM area 315, and in the same flash memory as the implicit RW area 136. The master failure data (RL-M) is registered in the open ROM area 132 (hereinafter referred to as the open ROM area 132, but not the open ROM-W area 132a) before PM13 is shipped from the factory. One or more sets of invalidation data (RL-1, RL-2) are also registered in the open ROM-W area 132a before being shipped from Gongwei. By performing the lost data update function of CD1, the multiple sets of failed data can be replaced (updated), and the new failed data can be written into the open ROM-W area 132a by the controller 130 of PM13 according to a private program. It should be noted that one or more sets of invalidation data need not be updated according to the method disclosed in the present invention, and must be registered in the open ROM area 132 in advance. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs In this embodiment, the master failure data and one or more sets of failure data are forms of electronic device identification data (64-bit device id) that must be cancelled. Therefore, in the following explanation, the invalidation data of each group is, the invalidation form RL. The main invalidation data is "RL-1," and "rl-2". In this example, the 'failure table' RL-1 is used to cancel the recording or playback of digital music electronic devices (such as PD or LCM). The added inner valley (hereinafter referred to as encrypted content) and other data must be stored in the open RW area 133. These contents are based on the content key code (KC) -18-This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 556160 A7 B7 5. The invention description () 16 is encrypted. Figure 5 shows the logical storage area of CDS1. CDS1 has an open area 111 consisting of an open ROM area 112 and an open RW area 113, and an implicit area 114 that can only be accessed by a private key code. The music data storage unit ι0 shown in Fig. 2 is provided in the open area 11m. The open ROM area 112 includes an open area (not shown), and the invalid data storage part 16 shown in FIG. 2 is prepared in the open ROM-W area. In this embodiment, the SMS2 shown in FIG. 2 decrypts the encrypted new invalidation data received from RLE41, and uses a private program to store the decrypted new invalidation data on the open ROM-W. The identification data (device ID) ID-CDS is stored in the hidden area 114 in advance. The content key code (KC) of each content is also stored in the hidden area 114 as necessary. The hidden area 114 is also provided with a login storage unit 8 as shown in FIG. All music content stored in the music data storage unit ι0 (open rw area 113) and managed by SMS2 has a content ID (TID) and other identical identification data as its attributes. This attribute data is called, registered '' and stored in the registration storage unit 8 (set in the hidden area 114). The CDS 1 printed by the Employee Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs has a hidden area drive 7 which executes a special privacy procedure to enable SMS 2 to enter the registration storage unit 8 in the hidden area 114 and then reads from the registration storage unit 8 data. It should be noted that this registration should have no direct relevance to the present invention, so its use is not detailed. PD12 includes an open area 121, which consists of an open ROM area 122 and an open RW area 123, and one that can only be accessed by a private program. -19- This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 cm). Love) 556160 A7 B7 V. The hidden area 124 of the invention description (17). PD12's authentication information 11A ^ PE) is permanently registered in the hidden area 124. The content key code KC in each content is also stored in the hidden area 124. Figure 6 is a block diagram showing PD12. Figure 7 shows the logical storage area in PD. PD12 is a semiconductor audio playback device or a similar device. As shown in Figure 6, the hardware structure of PD12 includes a central processing unit CPU12a, a random cache memory RAM12b, a read-only memory ROM12c, a flash memory 12d, and an external I / F component 12e. , A media I / F unit 12f, a demodulation unit 12g to decrypt encrypted music content or other related content, a decoder unit 12h, and a D / A inverter unit 12i to decode and process compressed audio content . As shown in FIG. 7, the PD 12 is provided with an open area 132 and an implicit area 124. As shown in Fig. 6, PM13 is used on the media I / p part 12f of the PD12. When CDS1 reads and writes data through PD12, the PD I / F component 5 provided in CDS1 enters the hidden area 134 in PM13 through the external supplies I / F component 12e and media I / F component 12f of PD 12 (see section 3 images). Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs The media I / F unit 12f has a hidden area access unit (not shown) for entering the hidden area 134 in PM 13. For example, the open RW area 123 and the hidden area 124 of the PD 12 are prepared in a flash memory. A program that can perform mutual authentication with PM13 is written in ROM12c. Under the control of CPU12a, PD12 works with this program and uses PM13 to perform mutual authentication. Figure 8 is a block diagram showing the structure of the LCM21. LCM21 is implemented in personal computers and has the special function of updating invalid data. It is basically the same as CDS 1 -20. This paper size applies the Zhongguan Family Standard (CNS) A4 specification (210 X 297 public ^ '556160 A7 B7 employees of the Intellectual Property Bureau of the Ministry of Economic Affairs) Printed by the Consumer Cooperative 5. The invention description (18) has the same structure. In other words, the LCM21 includes an SMS22, an EMD-I / F component 23, a PD_I / F component 25, a media I / F component 26, and a The hidden area driver 27, a registration storage unit 28, a license storage unit 29, a music data storage unit 30, a CD_I / F unit 31, and a user I / F unit 35. Like the CDS1, the LCM21 has the following functions LCM21 can receive an encrypted content from an EMD40 and store the content in LCM21. The LCM21 can record an encrypted content stored in LCM21 to PM13, or can read a music content from PM13, and then in LCM21 Figure 9 shows the logical storage area to be stored in LCM21. Like PM13, CDS1, and PD12, LCM21 is equipped with an open area 211. The open area consists of an open ROM area 122 and an open RW area 213. In addition, a hidden area 214 that can only be accessed by a special program is prepared. The identification data ID_LCM of the LCM21 is stored in the hidden area 214 in advance and cannot be changed. This hidden area 214 must also be stored for each content. A content key code KC. PM13 is used to load the media I / F component 26 in LCM21. When data is read from or written to PM13, the hidden area 134 of PM13 is passed through the media in LCM21. I / F component 26 enters. This media I / F component 26 includes an implicit area reading component (not shown) to access implicit area 134 in PM13. For example, open RW area 213 and implicit area 214 of LCM21 It can be stored in a flash memory. The open ROM area 212 is stored in a read-only memory ROM. A program that can perform mutual authentication in PM13 is written in the ROM. -21- This paper standard applies China National Standard (CNS) A4 Specification (210 X 297 mm) ------ ^ --- ^ ---- ^ Installation --------- Order -------- -Line (Please read the notes on the back before filling this page) 556160

V. Description of the invention () 19 Under the control of the central processing unit CPU (not shown), the LCM21 operates in the same manner as this program and performs mutual authentication with PM13. The copyright protection system 100 of this embodiment will be described below. In this example, the user inserts PM13 into CDS13 and selects a process of recording music content to PM13 by EMD40. This corresponds to the action of the user to purchase music content. In this example, at the same time, the new invalidation material issued by RLE and stored in CDS1 in advance is recorded along with the music content on pmi3. Figures 10 and 11 show the front and back sections between the CDS1, PM13, and the processing flow individually. For example, when the user indicates through the user I / F component 15 of CDS1 that he has the intention to purchase music content and PM13 has been loaded into the media I / F component 6, the media I / F component 6 of CDS1 can communicate with PM13 ( The controller 130 in step S101) performs mutual authentication (also called main identification and key code exchange AKE-M). The following CDS1 and PM13 will implement this AKE-M process. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economy. First, CDS1 confirms the identity of PM13. As soon as CDS1 is allowed to update the invalid data, an authentication key code K1-M is provided, which is also like PM13 (the key codes not shown are stored in the hidden area ROM). CDS1 creates a random number R1 and transfers it to PM13. When receiving the random number R1 made by CDS1, PM13 encrypts this random number R1 with the authentication key code K1-M, and transmits the resulting encrypted random number R1 (ia-M [R1]) to CDS1. CDS1 uses the authentication key code K1-M to decrypt K1-M [R1]), and if the result is equal to the random number R1, it judges PM13 as a proper device. -22- I. —! Π-a paper size applicable to China National Standard (CNS) A4 (210 X 297 mm) 556160 A7 B7

V. Description of the invention (2G) Thereafter, PM13 performs the same process for CD S1 to complete the work of mutual identification. To complete this work, both CDS1 and PM13 have an authentication key code K2-M. CDS1 uses this authentication key code K2-M to encrypt the random number R2 received from PM13, and PM13 decrypts and confirms that the result is equal to the random number R2. In this example, the authentication key codes K1-M and K2-M are only provided to a special electronic device (here CDS1). This electronic device allows updating of invalid data, so ordinary electronic devices (such as LCM21) are prohibited from executing. Identification process AKE-M. During the mutual authentication process in step S101, when both CDS1 and PM13 find that they are appropriate devices, the media I / F unit 6 of CDS1 and the controller 130 of PM13 exchange key codes to share the same session key code (KY1). For example, the dialog key code (KY1) becomes a value, which is found for the logical XOR of the random numbers R1 and R2 produced in the mutual authentication process, and then the result is output to a private key code prepared in advance in CDS1 and PM13. Manufacturing algorithm. In this way, the conversation key code KY1 is a time-varying key code, and its value changes with each conversation. The Media I / F part 6 of the CDS1 printed by the employee's consumer cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs reads the master authentication data ID-M, which is secretly stored in the hidden area 114, for CDS1, and encrypts this data with the conversation key code KY-1 ID-M, and transmits the obtained encrypted ID-M to PM13 (step S102). The controller 130 of the PM13 uses the session key code (KY1) to decrypt the KY1 [ID-M] received from the CDS1, and the session key code (KY1) is received during the leading key code exchange process to obtain the ID-M (step S103). Subsequently, the controller 130 of PM13 uses the decrypted master identification of CDS1. -23- This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 556160 Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the invention (21) The data ID-M refers to the main invalidation form rl_m of the open ROM area 132. The controller 130 determines whether the CDS1 should prohibit the use of PM13 by checking whether there is identification data conforming to ID-M in the master invalidation data sheet RL-M (step S104). If the identification data of Iβ · μ conforming to the master failure data form RL-M exists, the 'controller 13 0 uses CDS 1 to cancel the use right of the PM 13 and ends the execution at this time. On the other hand, if the identification data of 11) -M that meets the main failure data form 111 ^] ^ does not exist, the controller 130 determines that CDS1 can use PM13 (and update the failure data) 'and reads and outputs the secret The unique media key KM-M stored in the hidden ROM area 135 (step s05). The controller 130 then exchanges the key code with the media I / F part 6 of the CDS1 to share the same session key code KY-2, and before using the session key code KY-2 to encrypt the read unique master media recording key 'Transfer the resulting encrypted key code KM-M (= KY2 [KM-M]) to CDS 1 (step s 106). For example, when the aforementioned conversation key code KY-1 is input and prepared in advance in a secret key code generation algorithm of CDS1 and PM13 ', the result obtained is the conversation key code KY-2. The media I / F component 6 of CDS1 uses the session key code (KY2) to decrypt from AMP 2 (KM-M) received at the leading 鍮 PM13. The dialog key is cold to the media key code KM-key code. Received during the exchange process, and thus obtain the unique edition M (step S107) ° 姥 There is an open ROM-W Subsequently, the media I / F part 6 of CDS1 encrypts you &amp; the invalid data form RL-area with the new unique media key code KM- iN's New-24- This paper size applies to China National Standard (CNS) A4 specifications (210 X 297)

556160 A7 B7 5. Description of the invention () zz 1. The open ROM-W area and the new unique media key code KM-1N are manufactured by the media I / F component 6 using the unique master media key code KM-M, and the media I / of CDS1 The F unit 6 transmits the obtained encrypted KM-M [RL-1] and KM-M [KM-1N] to PM13 (step S108). For example, the unique media key code KM-1N referred to herein can be used as an output value, which is produced by the aforementioned key code KY2 for dialogue to a key code generation algorithm secretly stored in CDS1. The controller 130 of the PM13 uses the KM-M stored in the implicit ROM area 135 to decrypt the KM-M [RL-1 and KM-M [KM-1N] 'received from the CDS1, and thus obtains RL-1 and KM-1N ( Step S109). Subsequently, the media I / F section 6 of the CDS1 and the controller 130 of the PM13 perform a similar mutual authentication (AKE-1) on the above-mentioned mutual authentication (AKE-M) (step S110). Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. As a result, CDS1 first identified PM13. To do this, both CDS1 and PM13 store the same authentication key code K1-1 (not shown, stored in a separate hidden ROM area). CDS1 creates a random number R3J1 and transfers it to PM13. When receiving the random number R3 made by CDS1, PM13 encrypts this random number R3 with the authentication key code K1-1, and transmits the resulting encrypted random number (K1-1 [R3]) to CDS1. CDS1 uses the authentication key code K1-1 to decrypt K1-1 [R3]), and if the result is equal to the previously produced random number R3, it judges PM13 as an appropriate device. Thereafter, PM13 performs the same process for CDS1 to complete the work of mutual authentication. In order to complete this work, both CDS1 and PM13 have an authentication key code K2-1. CDS1 uses this authentication key code K2-1 to encrypt the -25 received from PM13.- This paper size applies to China National Standard (CNS) A4 (210 X 297) (Mm) 556160 Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the invention () 23 Random number R4, and PM13 decrypted and confirmed that the result is equal to the random number R4. These authentication key codes K1-1 and K2-1 are only available in electronic devices (such as PD〗 2 and LCM16). This electronic device allows the use of music content, so it can prevent electronic devices corresponding to other application systems from performing the authentication process AKE · 1. During the mutual authentication process of step S110 above, AKE-1, when both CDS1 and PM13 find each other to be a proper device, the media I / F part 6 of CDS1 and the controller 130 of PM13 perform a key code exchange to share the same conversation key Code (KX1). For example, the dialog key code (KX1) is a value, which is found for the logical number x0R of the random numbers R3 and R4 produced in the mutual authentication process, and then the result is output to a privately stored in CDS1 and PM13 in advance Key code manufacturing algorithm. In this way, the conversation key code KX1 is a time-varying key code, and its value changes with each time. The media I / F part 6 of CDS 1 reads the master authentication data that is stored in the hidden area 114 for CPS1. It is encrypted with the session key code KX-1, and the data ID is small, and the obtained encryption is transmitted to the corresponding (Step S111) The controller 130 of the OPM13 decrypts the KX1 [ID-1] received from the CDS1 by using the #key code (KKX1), which is received during the leading key code exchange process, and thus obtains Π &gt; 1 (step S112). Subsequently, the controller 130 of the watch 3 uses the decrypted master authentication data ID-1 of the ⑽1 to refer to the master invalidation form Z-1 of the open ROM 132. The controller 13 judges whether or not CDS1 should prohibit the use of PM13 by checking whether or not there is authentication data corresponding to the price 1 in the master failure data sheet RL-1 (step S113). -26 A paper size is applicable to China National Standard (CNS) A4 specifications (210 X 297¾ ^ ---- τ ---: -------- = installed ---- l · --- order --- ------ line (please read the precautions on the back before filling this page) «! 556160 A7 V. Description of the invention () 24 If the bell-type data exists that meets the IP of the master failure data form RL-1", The controller 130 cancels the use right of PM13 by using CDS1 and ends the execution at this time. On the other hand, if the identification information of ID-1 that conforms to the master invalid asset form RL-1 does not exist, the controller 13 column It is determined that CDS1 can use PM13 (ie, record a content), and update the RL-1 and KM-1 with the new invalid data RL-1N and the new unique media key code KM-lN 'received from step S109 (step S114 ). The controller 130 then exchanges at least 'with the media I / F file 6 of CDS1 to share the same session key code KX-2, and transmits it before reading the identification data id-1 from the hidden area 114 of CDS1. So # II &gt; 1 (= KX2 [ID_1]) to PMI3 (step S115). For example, when the conversation key code KK_1 is input into a private key code widely generated algorithm prepared in advance in CDS1 and PM13 ', The value of the session key is the dialog key code KK-2. The controller 130 of the PM13 uses the dialog key code (KX2) to decrypt the KX-2 [ID-1] received from CDS1, and the dialog key code (KX2) is exchanged with the leading key code. Received during the process, and thus obtained the unique ID-1 (step S116). Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. Subsequently, the controller 130 of the PM13 uses the decrypted authentication data of the decrypted CDS1 to refer to the new failure of the open ROM area. Form RL_1N, and determine whether CDS1 should be prevented from using PM13 based on whether there is authentication data that conforms to ID-1 in the invalid data form rl-1 (step si 17). If authentication data that conforms to ID_M exists in the main invalid data form RL If -1N, the controller 13 judges that CDS1 should prohibit the use of PM13 and ends the execution at this time. -27- This paper size applies the Chinese National Standard (CNS) A4 specification (21 × 297 mm) The Intellectual Property Bureau of the Ministry of Economic Affairs Printed by Employee Consumer Cooperative 556160 B7

V. Description of the Invention () On the other hand, if the identification data conforming to ID-M does not exist in the master invalidation data form RL-1N, the controller 130 determines that CDS1 can use PM13 (that is, record a content), I read and The unique media key code KM-1N secretly stored in the hidden ROM area 135 is output (step S118). The controller 130 then exchanges the key code 'with the media I / F part 6 of the CDS1 to share the same session key code KX-3, and uses the session key code! ° ^ 3 to encrypt the read unique master media key code KM Before -1N, the obtained encrypted key code KM_1N (= KX3 [KM-1N]) is transmitted to CDS1 (step S119). For example, when the aforementioned dialog key code KX2 is input into a private key code generation algorithm previously prepared in CDS1 and PM13, the result obtained is the dialog key code KX3. The media I / F component 6 of CDS1 uses the dialog The key code (KX2) is decrypted from the KX3 [KM-1N] received from PM13. The dialog key code (KX3) is received during the leading key code exchange process, and a unique master media key code 10 ^ -1N is thus obtained (step S120) ° Subsequently, the media I / F unit 6 of CDS1 uses the unique media key code KM-IN to encrypt the content key MKC 'secretly stored in the hidden area Π4 and transmits and transmits the resulting encrypted KM-1N [KC] to the implicit of PM13. RW area (step S121). The media I / F part 6 of CDS1 transmits the encrypted content key code KC stored in the open RW area via 113 to the open RW area of PM13 (step S122). In this way, the method of this embodiment is only applicable to CDS1 according to the master failure form When RL-M is invalid, CDS1 is allowed to receive the encrypted master media key code KM-M from PM13. Stored in the open ROM area 114 and unique media records -28- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)

556160 A7 B7 V. Description of the invention () The new invalidation data RL-1 of the 26 key code KM-1N is encrypted with the unique media key code KM-M and transmitted to PM13. Therefore, the CDS device that should be cancelled according to the master failure form rule ^] ^ (that is, the electronic device that attempts to update the PM13 failure information) will undoubtedly be excluded (excluded). If a device has been invalidated according to the failure form RL4, PM13 will not be able to update the new invalid form size ^ or unique media key code KM-1N. Similarly, if CDS1 is not invalidated according to the new invalidation form RL-1N ', only the encrypted unique media key code KM-1N can be transmitted from PM13 to CDS1. The content key key KC of the hidden area 114 where CDS1 is stored is then encrypted using the unique media key code km_1N and transmitted to the PM13. In this way, the CDS device that should be cancelled according to the new invalidation form rl-IN (ie, the electronic device trying to use PM13) will undoubtedly be cancelled (excluded). The operation of when the PD 12 decrypts and plays back an encrypted content stored in the PM 13 will be described below. The following explanation will focus on the content decrypted and played back by PD12. The same procedure is also used when the content is decrypted and played back by LCM21. Figure 12 shows the communication between PM13, PD12 and the processing flow. When the user instructs PD12 to play back a content from PM13, the content is loaded into the media I / F part 12f of PD12. CPU12a of PD12 and controller 130 of PM13 perform a similar mutual authentication (AKE-1) to step S110 (AKE-1) ( Step S201). When CDS1 and PM13 find each other as appropriate devices in the mutual authentication in step S201, 0? 1112 &amp; and? ] ^ 13's controller 130 exchanges the key code to share the same session key code KX4. -29- This paper size is in accordance with Chinese National Standard (CNS) A4 (210 X 297 mm) (Please read the notes on the back before filling out this page) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs

556160 A7 B7 5. Description of the invention (27) The CPU 12a of the PD 12 reads the identification data 1D_PD of the PD 12 'The identification data is hidden in the hidden area 124, and the identification data ID-PD is decrypted using the confrontation key code 10 ^ 4. The media I / F section 12f then transmits the encrypted ID-PD (= KX4 [PD]) to PM13 (step S202). The controller 130 of the PM13 decrypts the KX4 [ID-PD] received from the PD 12 using the session key code 10 ^ 4, and the dialog key code KX4 is received from the leading key code exchange to obtain the ID-PD (step S203). The controller 130 of PM13 searches the decrypted authentication data ID-PD of PD12 of the invalid form RL-1N in the open ROM-W area, and iM determines whether PD12 should be prohibited from using PM13 ( Step S204). When the ID-PD-compliant authentication data is found in the invalidation form RL-1N, the controller 130 determines that PD12 should prohibit the use of PM13 (that is, it is cancelled), and ends the execution at this time. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. On the other hand, if the ID-PD-compliant authentication data does not exist in the invalid data form RL-1N, the controller 130 determines that PD12 can use PM13, and reads and outputs the secret storage. The unique media key code KM-1N in the hidden ROM area 135 (step S205). The controller 130 then exchanges the key code with the CPU 12a of the PD 12 (through the media I / F unit 12f of the PD 12) to share the same session key code KX-5. The controller 130 uses the conversation key code KX5 to encrypt the read unique master media key code KM-1N, and transmits the obtained encrypted key code KM-1N (= KX5 [KM-1N]) to the PD 12 (step S206). When the aforementioned dialog key code KX4 is input into a private key code generation algorithm prepared in advance in PD12 and PM13, the result obtained is the dialog. -30- This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 556160 A7 B7 V. Description of the invention () Key code KX5 0 CPU12a of PD12 uses the conversation key code KX5 obtained during the leading key code exchange process to decrypt the KX5 received by PM13 [ KM-1N] to obtain the unique media key code KM-1N (step S207) ° Subsequently, the CPU 12a of PD12 reads the encrypted content key code KC stored in the hidden RW area 136 of PM13, and uses the unique key obtained from step S207 The media key code KM-1N decrypts the encrypted content key code KC. Subsequently, the CPU 12a of the PD 12 reads the encrypted content C (== KC [C]) stored in the open RW area 133 of PM13, uses the encrypted content key code KC obtained from step S208 to decrypt the encrypted gKC [C], and The content is played back (step S209). In this way, the method in this embodiment allows PD12 to receive the encrypted unique media key code KM-1N from PM13 only when PD12 is not invalidated due to the invalidation form RL-1N. The encrypted content key code (KM-1N [KC]), which is kept secret in the RW area of PM13, is then conveniently decrypted with the unique media key code KM-1N and used by PD12 to decrypt the encrypted content. In this way, a PD that should be invalidated by the new invalidation form RL-1N (ie, an electronic device trying to use PM13) will definitely fail. When the copyright protection system 100 of the present invention has been explained according to the above embodiments, the present invention is obviously not limited by the details described above. For example, when digital content of musical copyright is protected by this embodiment, image data of a movie or data of a computer program, such as game software, is also protected. It should be noted that this embodiment describes an event in which a conversation key code (KYI or KXI) is used to encrypt information that is or should be kept in a hidden area. -31- This paper standard applies to China National Standard (CNS) A4 specification (210 X 297 mm) 0 ^^ 1 ^^ 1 ^^ 1 ^^ 1 I— I _1 IB1 I · ϋ ϋ i · — I · ^^ 1 ^^ 1 ^^ 1 · mmtm ϋ i ^ in —ϋ II · Λ. · 矣 ^ (Please read the notes on the back before filling out this page) 556160 A7 B7 V. Description of the invention () 29 When it is passed between CDS1 and PM13 or between π and PD12 and PM13 Encryption is not absolutely necessary when it comes to data rotation. However, encryption using session key codes can increase the security of the content being protected. In the main invalidation form RL-M and the misstatement form μ 1 and RL-1N described in this embodiment, they are registered in the open ROM area 132 or the open ROM area, even though the invalidation form may be stored in any one that cannot be changed. For example, the form may be stored in an implicit area 134 that is only accessed by a special program. In the case of the encrypted eight key code (KM-1N [KC]) stored in the implicit RW area described in the above embodiment, the key may be stored in the doorway RW area 133 separately. When the authentication data in an electronic device described in the above embodiment is transmitted from the electronic device to the recording medium, the transmission is not limited to this direction. That is, a recording medium can transmit authentication data to an electronic device. For example, a recording medium may store the values E (ID, K1) and E (ID, K2) in advance as invalidation data. The value E (ID, K1) is obtained by using the identification data ID of the electronic device to encrypt the first key code K1 determined in advance. The electronic device allows access to the content on the recording medium. Conversely, the value E (ID, K2) is obtained by using the identification data 10 of the electronic device to encrypt the second key code K2 determined in advance, and the electronic device is prohibited from accessing the content on the recording medium. When the recording medium is connected to an electronic device, the recording medium transmits the above-mentioned invalidation data E and a random number R to the electronic device. When receiving the invalidation data E and a random number R, the electronic device is used since 32. This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm). Read the article I. Order Intellectual Property Bureau of the Ministry of Economic Affairs Printed by the employee consumer cooperative 556160 A7 V. Description of the invention (30) The identification data E has been decrypted. When the electronic device has not been cancelled, the decryption action causes the electronic device to obtain the first key code of £ 1. Conversely, when the electronic device has been cancelled, the decryption action causes the electronic device to obtain the first key code K2. The electronic device then encrypts the random number R using the key code K (K1 or K2) of the encryption result, and transmits the obtained value E (K, R) to the recording medium. The recording medium decrypts the received value E (K, R) and compares the result (i.e., the random number R ') with the random number R transmitted to the electronic device. When these values match, the recording medium allows appliances to access the content. The master failure data may have the same content and be tested using the same procedure, and the direction of transmitting dream data of the electronic device may be reversed. Please read the note on the back first and then fill in the (I) on this page.

556160 Printed by A7 B7, Consumer Cooperatives, Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the Invention () 31 Component No. Cross Reference Table 1 Figure 12 Portable Recording / Playback Device (referred to as 1 Content Dispersion System Portable Device) 12 Portable Recording / playback device (referred to as 13 storage media portable device) 14 Invalid data receiving unit 13 Content use control system (Portable 15 user I / F component media) 16 Invalid data storage unit 21 Content use control system (license 40 Electronic music distributor compliance module) 41 Invalid data Licensed entity 100 Copyright protection system Figure 3 Figure 2 PM Recording media CDS Content distribution system 13 Storage media EMD Electronic music distributor 130 Controller PM Storage media 131 Open area PD recording / Playback device 132 Read-only open area SMS security music server 133 Reversible write open area 2 Security music server SMS 134 Implicit area 3 EMDJ / F (interface) component 135 Implicit ROM area 5 PDJ / F component 136 Implicit reversible write RW area 136 6 Media_I / F component CDS / PD Content distribution system / Record 7 Implicit area drive And playback device 8 Register the storage unit Figure 4 Figure 9 License storage unit 132 Read-only open area 10 Music data storage unit 132a Open ROM_W area -34- (Please read the precautions on the back before filling this page) Order ----- ---- Line «This paper size is applicable to Chinese National Standard (CNS) A4 (210 X 297 mm) 556160 A7 B7 Printed Invention Note by Employee Consumer Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs () 32 RL-M Master Failure Information Section 7 Figure RL-1 The first group of invalid data PD portable recording / playback device (called RL-2 The second group of invalid data PD portable device) Figure 5 12 The portable recording / playback device (called CDS content distribution system) Portable device) 1 Content distribution system 121 Open area 111 Open area 122 Open ROM area 112 Open ROM area 123 Open RW area 113 Open RW area 124 Hidden area 114 Hidden area Figure 8 Figure 6 LCM License Compliance Module PD recording / playback device (portable device) 12 portable recording / playback device (called portable device) 12a central processing unit CPU 13 storage medium PM 12b random cache memory RAM 21 Content use control system (licensed 12c read-only ROM ROM compliance module) 12d flash memory 22 secure music server SMS 12e external I / F unit 23 EMDJ / F unit 12f media I / F unit 25 PD_I / F Part 12g Demodulation part 26 Media I / F part 12h Decoder part 27 Hidden area driver 12i D / A inverter part 28 Registration storage part CDS1 Content distribution system 29 Licensed storage part PM13 recording media 30 Music data storage part—35- (Please read the precautions on the back before filling this page) -----: ---- Order --------- Line "This paper size applies to China National Standard (CNS) A4 (210 X 297mm) 556160 Printed by the Consumers ’Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the invention () 33 31 CD_I / F part AKE-M mainly identifies and key code exchanges EMD Electronic music distributor AKE-1 mutual identification 9th Figure KY1 Dialogue Key Code LCM License Compliance Module KY2 Dialogue Key Code 21 Content Use Control System (Privileged KX1 Dialogue Key Code Compliance Module) E Value 211 Open area S101 Step 101 212 Open ROM area S103 Step 103 213 Open RW area S104 Step 104 214 Hidden area S105 Step 105 Figure 10 S106 Step 106 CDS content distribution system S107 Step 107 PM Recording media S108 Step 108 ID-M master authentication information S109 Step 109 ID-1 master authentication information S110 Step 110 RL-M master failure information Sill Step 111 RL-1 failure information S112 Step 112 RL-1N new failure information S113 Step 113 Kl-M authentication key code S114 Step 114 KM-1N new unique media key code KM-M authentication Key code -36- This paper size is applicable to China National Standard (CNS) A4 (210 X 297 mm) (Please read the precautions on the back before filling this page)

Claims (1)

6 5 5 60 Shadow X years repair AB c D Specialist 1 CZ, 1 r Application for threatening application No. 89122735 Application for revision of patent scope 92.3.3. 1. A storage medium for loading electronic devices, the The storage medium includes: a content storage area for storing digital content; a invalidation data storage area for storing data corresponding to identification data of the electronic device as invalidation data; the identification data prevents access to the content stored in the content storage area; Digital content; and a main invalidation data storage area for storing data corresponding to identification data of an electronic device, the identification data preventing update of the invalidation data stored in the invalidation data storage area. 2. The storage medium according to item 1 of the scope of patent application, further comprising: a content protection method for performing the first judgment, which determines whether an electronic device having the storage medium installed has a failure corresponding to the failure data storage area; The identification information of the data. When the result of the first judgment is negative, the content protection component allows the electronic device to access the digital content stored in the content storage data area; and a method for updating the invalid data for performing the second judgment, which judges that the Does an electronic device on which the storage medium is installed have identification data corresponding to the master failure data stored in the master failure data storage area? When the second judgment result is negative, the update component allows the electronic device to update the failure stored in the failure data storage data area. data. 3. According to the storage medium in the scope of patent application No. 2, the master invalidation data storage area can be set in ROM (read-only memory), where the master invalidation data has been stored in advance. __ This paper size is in accordance with Chinese National Standard (CNS) A4 (210X297 mm) 8 8 8 8 AB CD 556160 I 6. Application scope of patent 4. According to the storage medium of item 2 of the scope of patent application, it also contains: Before performing the second judgment of the invalid data update component, the mutual authentication component using the electronic device having the storage medium installed to perform mutual authentication, and when the mutual authentication is successful, the mutual authentication component also creates a privacy that can be shared with the electronic device. The key code, in which the revocation data updating part updates the revocation data by using a private key code manufactured from a mutually different part. 5. According to the storage medium of the scope of patent application No. 2, among them, only when the second judgment result is negative, the revocation data updating part can transmit a private key code of the electronic device to the renewal data to the electronic device. 6. According to the storage medium of the scope of the patent application, the invalidation data can be classified into several groups, and the invalidation data storage area can include multiple storage areas. Each group is stored in a different storage area and becomes invalid. The data update component can judge the following situations as the second judgment: (1) Does the electronic device on which the storage medium is installed have identification data that does not correspond to the master failure data stored in the master failure data storage area; (2) Whether the electronic device Have identification data in a specific group that does not correspond to the invalidation data that the electronic device wishes to update; the second judgment is negative only when both (1) and (2) are affirmative, and the invalidation data update component Only allow electronic devices to update stale data in specific groups. 7. According to the storage medium in the scope of patent application No. 2, the __ -38 · _ inflammation of the storage medium applies the Chinese National Standard (CNS) A4 specification (210X297 mm) AB c D 556160 ττ, the patent application scope invalidation data The area stores a piece of data that has just been manufactured using the encrypted private key code determined in advance as invalid data. The private key code uses the authentication data in the electronic device that is prohibited from entering digital content as a key code, and the content protection component is transmitted and stored. The failure data in the failure data storage area is stored on the electronic device, and the electronic device has been loaded with the storage medium, and it is determined whether the data returned by the electronic device has played a predetermined role in order to determine whether the electrical appliance has a corresponding stored in the failure data Identification data of invalid data in the storage area. The main invalid data area stores a piece of data that has just been manufactured using the encrypted private key code determined in advance as the master invalid data. The private key code is used in an electronic device that is prohibited from updating the invalid data. The authentication information as a key code should be invalid The material update component transmits the main failure data stored in the main failure data storage area to the electronic device, and judges whether the data returned by the electronic device has played a predetermined form of formality to determine whether the electrical appliance has the corresponding storage stored in the main failure. Identification of the master failure data in the data store. 8.-A method for updating invalid data for updating invalid data on a storage medium, the storage medium being used for loading an electronic device and including: (1) a content storage area for storing digital content; (2)-use An invalid data storage area for storing data corresponding to the identification data of the electronic device, the electronic device is prohibited from accessing the digital content stored in the content storage area; and (3) —for storing the identification corresponding to an electronic device_ ___ Applicable to Chinese National Standard (CNS) A4 specification (210X297 mm) for non-Zhang's scale. '~ 8 8 8 8 AB CD 556160 VI. The main invalid data storage area of the data for patent application data, the electronic device is prohibited from updating The invalidation data stored in the invalidation data storage area; the method includes: a detection step for detecting whether the storage medium is installed in the electronic device, and a method for determining whether the first authentication data of the electronic device does not correspond to the storage in the storage medium The first judgment step of the master failure data of the master failure data storage area; and only when the first judgment result is positive, a In updating step to update the stored failure information of the failure data store. 9. For the method for updating invalidation data in the scope of patent application item 8, wherein the updating step includes a second authentication data corresponding to an electronic device, the second authentication data is stored in the invalidation data storage area as the new invalidation data. 10. If the invalidation data updating method of item 9 of the patent application scope further includes: a mutual authentication step, in which mutual authentication is performed between the electronic device and the storage medium, and only when the mutual authentication is successful, the electronic device and the storage are about to be Only the private key code shared by the media player can be manufactured, and the updating step updates the invalidation data by using the private key code generated by the mutual authentication step. 11. If the invalidation data updating method of item 10 of the scope of patent application is applied, the updating step includes: when the first judgment result is positive, the -40- paper size produced by the mutual authentication step is applicable to the Chinese National Standard (CNS) A4 specification ( 210X297 mm) 556 160 A private key code to encrypt the data corresponding to the second authentication data of an electronic device and to transfer the encrypted data from the electronic device to a storage medium; and a private key code to decrypt the encrypted data transmitted A storage sub-step, and a storage sub-step for storing data in the stale data storage area as new stale data. 12. The invalidation data updating method according to item 9 of the scope of patent application, wherein the judging step includes a judging sub-step for performing a third judgment on whether the second authentication data corresponds to the stored in the invalidation data storage area, and 箠When the first judgment result is positive and the third judgment is negative, there is a second authentication data in the updating step, and the second authentication data is stored in the invalid data storage area as the new invalid data. 13. If the invalidation data update method of item 9 of the scope of patent application, the main invalidation data area stores a piece of data that has just been manufactured using the encrypted special private key code as the main invalidation data, and the use of the special private key code is prohibited from being updated The identification data in the electronic device of the failure data is used as a key code, and the judgment step transmits the master failure data stored in the main failure data storage area to the electronic device, the electronic device has been loaded into the storage medium, and the The identification data corresponds to the main failure data in the main failure data limitation area in the storage medium, and it is further determined whether the response received from the electronic device plays a predetermined form. 14 · An invalidated data update for updating invalidated data on storage media -41- This paper standard is applicable to Zhongguanjia Standard (CNS) A4 specification Ui〇297297) ----- AB c D 556160 Range device, the storage medium is used for loading the electronic device and includes: (1) a content storage area for storing digital content; (2)-invalid data storage for storing data corresponding to the identification data of the electronic device Area, the electronic device is prohibited from accessing digital content stored in the content storage area; and (3) —a master invalid data storage area for storing data corresponding to identification data of an electronic device, the electronic device is prohibited from updating The invalidation data stored in the invalidation data storage area; the invalidation data updating device includes: a first type data storage component for storing a primary restriction area that does not correspond to the main invalidation data storage area stored in the storage medium; To obtain and use a license acquisition component corresponding to the first authentication data stored in the first authentication data area component, the permission from the storage medium To update the invalidation data stored on the storage medium; and an update component to update the invalidation data stored on the storage medium according to the permission obtained by the license acquisition component. 15. For the invalidation data updating device of the scope of application for patent No. 14, wherein the updating component updates the invalidation data by using the data stored in advance and corresponding to the second authentication data. 16. If the invalidation data updating device of the scope of application for patent No. 15 further includes: a mutual authentication component for performing mutual authentication with the storage medium before the license acquisition component attempts to obtain a permission to update the invalidation data; only mutual authentication When successful, the mutual authentication component can produce a private key code that can be shared by storage media * ^ Chinese national standard for paper (CNSy A4 ^ format (210 &gt; &lt;: 297 mm) -42- AB c D 556160 VI. In the storage medium, the update step uses the private key code generated by the mutual authentication step to update the invalidation data. 17. If the invalidation data update device of the 16th patent application range includes: The private key code generated in the mutual authentication step updates the invalidation data by encrypting the new invalidation data corresponding to the second authentication data, and transmits the encrypted data from the electronic device to the storage medium. Device for updating invalid data, wherein the invalid data is divided into multiple groups, and the invalid data storage area contains multiple Storage area, each storage area stores a different group, and the update component only updates the invalidation data in one group, which corresponds to the second identification data. The master invalid data area stores a piece of data manufactured by encrypting a previously determined private key code as the master invalid data. The prior private key code uses the authentication data in the electronic device forbidden to update the invalid data as a key code. And the permission obtaining component obtains the permission by receiving the master invalidation data transmitted from the storage medium, using the first authentication data in an electronic device to decrypt the master invalidation data, and transmitting a regular, decrypted form that plays a predetermined pattern Results and information to this storage medium. __________- 43- This paper standard uses China National Standards (CNS) ~ X4 specifications (210 ^ 297 mm)